[release/1.7 backport] update runc binary to v1.1.10 #9359
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
- full diff: opencontainers/runc@v1.1.9...v1.1.10 - release notes: https://github.com/opencontainers/runc/releases/tag/v1.1.10 This is the tenth (and most likely final) patch release in the 1.1.z release branch of runc. It mainly fixes a few issues in cgroups, and a umask-related issue in tmpcopyup. - Add support for `hugetlb.<pagesize>.rsvd` limiting and accounting. Fixes the issue of postgres failing when hugepage limits are set. - Fixed permissions of a newly created directories to not depend on the value of umask in tmpcopyup feature implementation. - libcontainer: cgroup v1 GetStats now ignores missing `kmem.limit_in_bytes` (fixes the compatibility with Linux kernel 6.1+). - Fix a semi-arbitrary cgroup write bug when given a malicious hugetlb configuration. This issue is not a security issue because it requires a malicious config.json, which is outside of our threat model. Signed-off-by: Sebastiaan van Stijn <github@gone.nl> (cherry picked from commit 274a162) Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
estesp
approved these changes
Nov 13, 2023
Member
Author
henry118
approved these changes
Nov 13, 2023
kzys
approved these changes
Nov 14, 2023
Mengkzhaoyun
pushed a commit
to open-beagle/containerd
that referenced
this pull request
Dec 20, 2023
containerd 1.7.9 Welcome to the v1.7.9 release of containerd! The ninth patch release for containerd 1.7 contains various fixes and updates. * **update runc binary to v1.1.10::** ([#9359](containerd/containerd#9359)) * **vendor: upgrade OpenTelemetry to v1.19.0 / v0.45.0** ([#9301](containerd/containerd#9301)) * **Expose usage of cri-api v1alpha2** ([#9336](containerd/containerd#9336)) * **integration: deflake TestIssue9103** ([#9354](containerd/containerd#9354)) * **fix: shimv1 leak issue** ([#9344](containerd/containerd#9344)) * **cri: add deprecation warnings for mirrors, auths, and configs** ([#9327](containerd/containerd#9327)) * **Update hcsshim tag to v0.11.4** ([#9326](containerd/containerd#9326)) * **Expose usage of deprecated features** ([#9315](containerd/containerd#9315)) See the changelog for complete list of changes Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues. * Samuel Karp * Kazuyoshi Kato * Wei Fu * Kirtana Ashok * Derek McGowan * Milas Bowman * Sebastiaan van Stijn * ruiwen-zhao <details><summary>28 commits</summary> <p> * [release/1.7] Add release notes for v1.7.9 ([#9333](containerd/containerd#9333)) * [`4b912af52`](containerd/containerd@4b912af) Add release notes for v1.7.9 * [release/1.7 backport] update runc binary to v1.1.10 ([#9359](containerd/containerd#9359)) * [`eff291713`](containerd/containerd@eff2917) update runc binary to v1.1.10 * [release/1.7] vendor: upgrade OpenTelemetry to v1.19.0 / v0.45.0 ([#9301](containerd/containerd#9301)) * [`bd9428ff7`](containerd/containerd@bd9428f) vendor: upgrade OpenTelemetry to v1.19.0 / v0.45.0 * [release/1.7] Expose usage of cri-api v1alpha2 ([#9336](containerd/containerd#9336)) * [`d62cba40c`](containerd/containerd@d62cba4) Expose usage of cri-api v1alpha2 * [release/1.7] integration: deflake TestIssue9103 ([#9354](containerd/containerd#9354)) * [`5dbc258a8`](containerd/containerd@5dbc258) integration: deflake TestIssue9103 * [release/1.7] fix: shimv1 leak issue ([#9344](containerd/containerd#9344)) * [`449912857`](containerd/containerd@4499128) fix: shimv1 leak issue * [release/1.7] cri: add deprecation warnings for mirrors, auths, and configs ([#9327](containerd/containerd#9327)) * [`152c57e91`](containerd/containerd@152c57e) cri: add deprecation warning for configs * [`689a1036d`](containerd/containerd@689a103) cri: add deprecation warning for auths * [`8c38975bf`](containerd/containerd@8c38975) cri: add deprecation warning for mirrors * [`1fbce40c4`](containerd/containerd@1fbce40) cri: add ability to emit deprecation warnings * [release/1.7] Update hcsshim tag to v0.11.4 ([#9326](containerd/containerd#9326)) * [`73f15bdb6`](containerd/containerd@73f15bd) Update hcsshim tag to v0.11.4 * [release/1.7] Expose usage of deprecated features ([#9315](containerd/containerd#9315)) * [`60d48ffea`](containerd/containerd@60d48ff) ctr: new deprecations command * [`74a06671a`](containerd/containerd@74a0667) plugin: record deprecation for dynamic plugins * [`fa5f3c91a`](containerd/containerd@fa5f3c9) server: add ability to record config deprecations * [`f7880e7f0`](containerd/containerd@f7880e7) pull: record deprecation warning for schema 1 * [`1dd2f2c02`](containerd/containerd@1dd2f2c) introspection: add support for deprecations * [`aaf000c18`](containerd/containerd@aaf000c) api/introspection: deprecation warnings in server * [`9b7ceee54`](containerd/containerd@9b7ceee) warning: new service for deprecations * [`b708f8bfa`](containerd/containerd@b708f8b) deprecation: new package for deprecations </p> </details> * **github.com/Microsoft/hcsshim** v0.11.1 -> v0.11.4 * **github.com/cenkalti/backoff/v4** v4.2.0 -> v4.2.1 * **github.com/go-logr/logr** v1.2.3 -> v1.2.4 * **github.com/grpc-ecosystem/grpc-gateway/v2** v2.7.0 -> v2.16.0 * **go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc** v0.40.0 -> v0.45.0 * **go.opentelemetry.io/otel** v1.14.0 -> v1.19.0 * **go.opentelemetry.io/otel/exporters/otlp/otlptrace** v1.14.0 -> v1.19.0 * **go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc** v1.14.0 -> v1.19.0 * **go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp** v1.14.0 -> v1.19.0 * **go.opentelemetry.io/otel/metric** v0.37.0 -> v1.19.0 * **go.opentelemetry.io/otel/sdk** v1.14.0 -> v1.19.0 * **go.opentelemetry.io/otel/trace** v1.14.0 -> v1.19.0 * **go.opentelemetry.io/proto/otlp** v0.19.0 -> v1.0.0 Previous release can be found at [v1.7.8](https://github.com/containerd/containerd/releases/tag/v1.7.8)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
5 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This is the tenth (and most likely final) patch release in the 1.1.z release branch of runc. It mainly fixes a few issues in cgroups, and a umask-related issue in tmpcopyup.
hugetlb.<pagesize>.rsvdlimiting and accounting. Fixes the issue of postgres failing when hugepage limits are set.kmem.limit_in_bytes(fixes the compatibility with Linux kernel 6.1+).(cherry picked from commit 274a162)